A large-scale malvertising campaign, attributed to the North Korean hacker group Lazarus, has reportedly affected nearly 1 million devices worldwide, targeting both consumer and enterprise machines. According to Microsoft Security Intelligence, the campaign exploits malicious GitHub repositories and has led to the deployment of backdoors through fake npm packages. Researchers from the Socket research team identified six malicious npm packages linked to Lazarus, which aim to steal user credentials and cryptocurrency wallet data, particularly focusing on Solana and Exodus wallets. The campaign demonstrates the ongoing threat posed by cybercriminals leveraging software supply chain vulnerabilities.
The Socket research team has identified six malicious npm packages linked to the North Korean hacker group Lazarus, aiming to deploy backdoors to steal user credentials and crypto wallet data, particularly targeting Solana and Exodus wallets. The attackers used domain squatting…
JUST IN: LAZARUS GROUP INFECTS NEW BATCH OF JAVASCRIPT PACKAGES WITH CRYPTO STEALING MALWARE Source: @DecryptMedia https://t.co/NCu5ZJLGHo https://t.co/HRoLp3q30w
Lazarus Infects New Batch of JavaScript Packages With Crypto Stealing Malware: Researchers ► https://t.co/uIb82C9glt